Are you getting the message “This account has been suspended” when you try to visit your website? Do you want the fastest way to get your site back to normal?
In this case, you get locked out of your admin panel. The only thing you can do is ask your web hosting company for more information.
There might be something wrong with your website, and we’ll show you how to fix it quickly.
Why Is My Account Suspended?
There’s a problem with your site if you see the message “This account has been suspended.” This means that your web hosting company (like Bluehost or GoDaddy) has temporarily taken your site offline.
Web hosts usually close your account for these reasons:
- Your web host runs security checks on their platform all the time. If they find malware on your site, they’ll flag it and close your account to keep it from spreading to other websites. This could be spam links, deceptive content, phishing pages, and a lot of other things.
- Payment issues include not paying for your domain, hosting plan, and other services on time or not paying for them at all.
- In this category, there are things like copyright infringements and spamming. There are also things like spam emails, improper admin use, and illegal material being stored on the server.
- This can happen if your website has limited resources, like in a shared hosting plan. If your website exceeds its resources, it could affect other websites on the same server. Some plugins and themes could use up a lot of server and CPU power, which could make your site slow down. If your site is hacked, this can also happen. Most malicious activities can overwork your server, making your site slow.
Having your account suspended puts a lot at risk. If your website is down for a long time, you could lose a lot of people and search engine rankings, which can be hard to come back from later.
That means that when your website is hacked, hackers could be defrauding users, stealing money from them, and ruining the reputation of your website if they get in.
Finally, the biggest risk of all is that if you don’t fix the mistake, your website could be gone for good.
So, let’s fix your WordPress site as soon as possible and not waste any time.
How to fix “This account has been suspended” Error
People who run websites might send an email to explain why they’ve suspended your account and give you instructions on how to get it back.
This will make it easier to figure out why your account was suspended and how to get it back.
It’s best to get in touch with your host’s customer support if they haven’t sent you an e-mail. Let them know why your account was suspended and what you can do to fix it.
When you haven’t paid your dues, all you have to do is pay and they’ll remove the suspension. If your website is down, it will be back up in no time.
Now, in most cases, the suspension happens because of a virus. There’s a good chance your website has been hacked, and this is by far the most common reason.
To get your website ready for review, you’ll need to find the infection and get rid of it before you can do that.
If hackers try to load your server even though they haven’t broken into your site, you need to keep that in mind as well! In a brute force attack, hacker bots try a lot of username-password combinations to figure out your password. When this process is done, it can put a lot of strain on your server, and you could get suspended for going over your resources.
Hackers can also do something called a DDoS (Distributed Denial of Service) attack, which is when they send a lot of traffic to your server to make it too busy.
So we’ll show you how to find and fix any malware infections and hacker attacks from outside your site, then show you how to protect your site from more attacks.
We’re going to use Sucuri to scan and clean up your site, which has been hacked. Sucuri gives you a strong security system that includes a firewall, a malware scanner, and a malware cleaner.
While it has a free web scanner, we prefer to use the premium server-side scanner. This will look inside your site to see if it has malware.
Here are some of its best parts:
- Checks to see if hackers have hidden backdoors.
- Checks with search engines and other people to see if they have been blacklisted.
- Email, SMS, Slack, and RSS alerts are sent right away.
- Keeps an eye on website uptime
- Keeps an eye out for spam and malicious scripts.
Detect changes to the DNS (domain name system) and SSL security systems, and report them.
If you want to know more about Sucuri, read our Sucuri Review.
It costs $199.99 per year to use Sucuri, which is a lot for what you get. If you don’t have the money for that, you can try other security plugins. See the list: 9 of the best WordPress security plugins are compared.
When you choose a security plugin, ensure it has all the cyber security features you need to find and fix malware infections and protect your website from cyber threats. Your web host won’t let you get your account back if you don’t clean up the hack properly.
Step 1: Scanning Your Website
Sign up for a plan with Sucuri to start. Then, go to the Sucuri dashboard. There, you can add your site and set it up.
Here, you’ll need to connect your website to your FTP account. FTP credentials: If you don’t know what they are, ask your web host to get them for you.
Sucuri will thoroughly check your site as soon as your site is connected. When it’s done, it will show you a detailed report under the “My Sites” tab after this.
As soon as you click on the “Details” button next to the warning message, a page called “Monitoring” will show up. There, you can see all the information about the hack or virus.
Step 2: Requesting a Malware Cleanup
On the Monitoring page, Sucuri will show you what kind of malware has infected your site and how to fix it. It also tells you if the risk level is low, high, or critical, so you know what to do. It will also show you if any search engines have banned your site.
In this case, you can click the “Clean Up My Site” button. You’ll need to request to get rid of the malware on the next page.
To start a new request for malware removal, click the New Malware Removal Request button. You’ll see a form where you can fill in your site’s information.
As soon as you do this, Sucuri’s security experts will clean up your site for you. You don’t have to do anything else. Ask your web host if you don’t know these things.
The time to clean up depends on the plan that you have.
Those on the Business plan get first dibs on service, and Sucuri will get your site back up and running in 6 hours. You can choose from a lot of different plans, but they could take longer because of how complicated your site’s infection is and how many requests they have in their queue.
Step 3: Enabling the Firewall
A firewall will look at your site’s traffic to see any bad bots and block them before they get to your site. Sucuri has one of the best firewalls on the market for any site. It has built-in protection against brute force attacks, DDoS attacks, and any hacker who tries to get into your site.
You can turn on the Sucuri firewall by going to the Firewall tab on your Sucuri dashboard.
Select your site, and it will show you how to set it up. In Sucuri, you can choose from two ways to set up the firewall:
- You can use cPanel or Plesk to put in your hosting credentials. If you use this method, Sucuri will be able to set up your site’s firewall on its own.
- Manual Integration: Sucuri shows you how to set up the firewall independently. Make sure that the link you clicked on works first.
Next, you can change your DNS settings so that your web traffic goes to the Sucuri firewall instead. To do this, you’ll need to go to your hosting account and look at the DNS records. You can change the “A” record of your site here. You can also enter the IP addresses that Sucuri gives you here if you want.
If this is too hard for you to understand, you can ask your web host for help, and they will show you how to do it. You can also contact Sucuri and ask them to help you change the DNS records, and their support team will help you do this.
Find a link to open a ticket on the same page where you read the manual.
After you set up the firewall, it can take up to 48 hours for the changes to show up. Most of the time, they happen in a few hours.
A simple mouse click can also help you add more security protection. If you go to Settings » Security, you’ll find these settings.
There are many ways to make it more difficult for hackers to get into your site, like putting DDoS protection and geoblocking in place.
Make sure the box is checked, and then save your changes. When you want to turn it off, you have to uncheck the box.
Before you send your site to your host for review, we’ll give you some ideas for how to make it more secure.
Step 4: Adding Recommended Security Measures
Your website’s login page is being targeted by hackers who use brute force attacks to try to get people to sign in. It’s easy for them to guess your password and log in.
To ensure this area is safe, you’ll protect your website from hackers and keep your server from getting too full. Take these steps:
To start, make sure you have a good password
It would help if you used a unique admin name and a strong password. Letters, numbers, and symbols can be mixed to make it very hard to guess.
When you’re making a password on WordPress, it will tell you if your password is too weak. This makes it easy to figure out how strong your password is, so you can be sure it’s safe.
Keep the number of times you try to log in to your account low
By limiting the number of times, a user can try to enter the correct credentials, hackers won’t try hundreds of times to get in.
As a result of Sucuri’s built-in firewall, this will happen automatically. You can also find a plugin for WordPress that will add the feature to your site.
Use 2-Step Authentication
In a 2-step verification process, each person gets a one-time passcode (OTP) in text messages, emails, or apps.
The user must also enter this OTP to get into your admin panel. This is one of the best ways to keep hackers from getting into your account through your login page.
A feature called “Protected Pages” in the Sucuri dashboard lets you turn on two-factor Authentication.
Make the Login Page Private
You can allow only people who you trust to see your login page, and everyone else will be blocked from seeing it by default.
In Sucuri’s dashboard, under the Access Control tab, you can add IP addresses that are allowed to access the site.
By checking this box, Sucuri will ensure that only people you trust can see your login page.
That’s all! It should be clean and safe now. Taking a screenshot of the clean scan from Sucuri and giving it to your web host is a good idea.
It would help if you told your host about the security measures you’ve taken. They will check out your site, and they’ll remove the suspension from it.